{"payload":{"featured":[],"recommended":[],"recently_added":[],"search_results":{"results":[{"type":"marketplace_listing","id":"17323","state":"unverified","name":"signal.fyi","free":true,"primary_category":"Dependency management","secondary_category":"Utilities","is_verified_owner":true,"slug":"www-signal-fyi","owner_login":"signalfyi","resource_path":"/marketplace/www-signal-fyi","installation_count":6,"full_description":"signal.fyi automates Docker image version updates through pull requests against your default branch, monitoring\nmulti-file and/or multi-stage Dockerfiles in your repository (max:3/repository). Enhance compliance, security, and the a\nhref=\nhttps://www.cisa.gov/sbom#:~:text=A%20%E2%80%9Csoftware%20bill%20of%20materials,that%20make%20up%20software%20components.\ntarget= _blank Software Bill of Materials (SBOM) /a context with auditable and traceable records of your Docker image\nversions.\n","short_description":"Automates multifile and/or multistage Docker image version updates via PR's against the default branch (max:3/repo)","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/17323?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":17323,"state":6,"name":"signal.fyi","slug":"www-signal-fyi","short_description":"Automates multifile and/or multistage Docker image version updates via PR's against the default branch (max:3/repo)","full_description":"signal.fyi automates Docker image version updates through pull requests against your default branch, monitoring multi-file and/or multi-stage Dockerfiles in your repository (max:3/repository). Enhance compliance, security, and the <a href=\"https://www.cisa.gov/sbom#:~:text=A%20%E2%80%9Csoftware%20bill%20of%20materials,that%20make%20up%20software%20components.\" target=\"_blank\">Software Bill of Materials (SBOM)</a> context with auditable and traceable records of your Docker image versions.","extended_description":"signal.fyi streamlines Docker image version management in projects, enhancing security and compliance. It integrates their latest versions via pull requests, ideal for multi-file and multi-stage builds. With a configured CI/CD pipeline for auto-merging or deploying pull requests, signal.fyi enables seamless update automation. This minimizes vulnerability risks and aligns with regulatory standards. For management, it's a strategic tool to boost security and streamline workflows. It ensures software integrity and reliability, making the update process transparent and efficient. signal.fyi supports a secure, compliant development lifecycle, automating critical updates for focused innovation.","primary_category_id":11,"secondary_category_id":29,"privacy_policy_url":"https://www.signal.fyi/legal/","tos_url":"https://www.signal.fyi/legal/","company_url":"https://www.signal.fyi/","status_url":"https://www.signal.fyi/","support_url":"https://github.com/signalfyi/support","documentation_url":"https://www.signal.fyi/","pricing_url":null,"bgcolor":"ffffff","light_text":true,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":4392,"technical_email":"contact@signal.fyi","marketing_email":"contact@signal.fyi","finance_email":"contact@signal.fyi","direct_billing_enabled":false,"by_github":false,"security_email":"contact@signal.fyi","listable_type":"Integration","listable_id":340818,"copilot_app":false}}},{"type":"marketplace_listing","id":"14937","state":"unverified","name":"InfieldAI","free":false,"primary_category":"Dependency management","secondary_category":"Security","is_verified_owner":false,"slug":"infieldai","owner_login":"infieldai","resource_path":"/marketplace/infieldai","installation_count":73,"full_description":"Drowning in open upgrade PRs?\n\nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/14937?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":14937,"state":6,"name":"InfieldAI","slug":"infieldai","short_description":"Upgrade dependencies safely and easily with Infield-verified changelogs","full_description":"### Drowning in open upgrade PRs? \nWe researched, parsed, and validated thousands of open source changelogs so you can upgrade quickly and safely.\n\n\n\n","extended_description":"### Upgrade safely\nWe've parsed the changelog, categorized the changes, and evaluated each change's potential to break your app. \n\n### Increase Visibility\nSort and filter your dependencies to see which ones are stale, abandoned, or high risk. \n\n### Minimize Toil\nMake your upgrade work more efficient with Infield's automatic changelog research and impact analysis.\n\nQuestions? Reach out to InfieldAI founders directly at [founders@infield.ai](founders@infield.ai).","primary_category_id":11,"secondary_category_id":6,"privacy_policy_url":"https://www.infield.ai/privacy","tos_url":"https://www.infield.ai/terms","company_url":"https://www.infield.ai/","status_url":"","support_url":"support@infield.ai","documentation_url":"","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":3708,"technical_email":"steve@infield.ai","marketing_email":"andrew@infield.ai","finance_email":"allison@infield.ai","direct_billing_enabled":false,"by_github":false,"security_email":"steve@infield.ai","listable_type":"Integration","listable_id":300994,"copilot_app":false}}},{"type":"marketplace_listing","id":"13233","state":"unverified","name":"Threatrix","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":true,"slug":"threatrix","owner_login":"threatrix","resource_path":"/marketplace/threatrix","installation_count":38,"full_description":"Graduate To Threatrix\n\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated\nsecurity, allowing organizations to determine their exposure to open source risks with one solution. Actionable results\ndrive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance\nteams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.\n","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/13233?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":13233,"state":6,"name":"Threatrix","slug":"threatrix","short_description":"Audit quality, snippet level, open source security and license compliance in build-time with auto-remediation","full_description":"## Graduate To Threatrix\nThreatrix is the first-to-market, cost-effective solution, providing continual license compliance and automated security, allowing organizations to determine their exposure to open source risks with one solution. Actionable results drive measurable reductions in risk, saving organizations developer time and costly remediation efforts for compliance teams.\n\nThreatrix provides hyper-accurate, audit quality results with its first-to-market technology.","extended_description":"Nearly four years of research and development have culminated in the creation of our core technologies. Threatrix Origin Tracing technology ensures the most accurate open source match results producing immediately actionable data from build time scans.\n\nWith support for more than 400 languages and growing every day, Threatrix encompasses, by far, the broadest coverage of any tool in the market.\n\n### Continuous Security\nThreatrix continuously scans your repositories for security vulnerabilities and creates fix requests for the next or latest security versions of components.\n\n### Continuous Compliance\nThreatrix produces hyper-accurate results in minutes allowing your team to perform continuous triage of license issues to stay ahead of open source risks. VCs are using Threatrix to determine risks with their investments. Failing to comply with all of your open source licenses may kill your next funding round.\n\n","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://threatrix.io/privacy","tos_url":"https://threatrix.io/terms","company_url":"https://threatrix.io/","status_url":"","support_url":"support@threatrix.io","documentation_url":"https://docs.threatrix.io/","pricing_url":null,"bgcolor":"ffffff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"john@threatrix.io","marketing_email":"kristen@threatrix.io","finance_email":"john@threatrix.io","direct_billing_enabled":false,"by_github":false,"security_email":"john@threatrix.io","listable_type":"Integration","listable_id":220916,"copilot_app":false}}},{"type":"marketplace_listing","id":"16139","state":"unverified","name":"EdgeBit Security","free":true,"primary_category":"Security","secondary_category":"Dependency management","is_verified_owner":false,"slug":"edgebit-security","owner_login":"edgebitio","resource_path":"/marketplace/edgebit-security","installation_count":14,"full_description":"Prevent insecure dependencies before they can merge. Track and remediate vulnerabilities in your entire supply chain.\n\nEdgeBit is a real-time SCA tool that uses data about how your app executes in production to filter out irrelevant\nvulnerabilities and dormant code.\n","short_description":"Real-time SCA tool to find issues in your supply chain and rank threats with context from production execution","extended_description":null,"listing_logo_url":"https://avatars.githubusercontent.com/ml/16139?s=400&v=4","recommended":false,"marketplace_listing":{"listing":{"id":16139,"state":6,"name":"EdgeBit Security","slug":"edgebit-security","short_description":"Real-time SCA tool to find issues in your supply chain and rank threats with context from production execution","full_description":"**Prevent insecure dependencies before they can merge. Track and remediate vulnerabilities in your entire supply chain.**\n\nEdgeBit is a [real-time SCA tool](https://edgebit.io/solutions/vulnerability-management/?utm_source=github) that uses data about how your app executes in production to filter out irrelevant vulnerabilities and dormant code.\n\n","extended_description":" - **Detection in Pull Request**: Identify risks in new dependencies right in a PR\n - **Prioritized CVEs**: Ruthlessly prioritize issues to fix based on real-time context\n - **Supply Chain Inventory**: Track dependency track usage across your software components\n - **Generate SBOMs automatically**: SBOMs for compliance artifacts\n \n Dependencies for software products are exploding in number and with that comes a sprawling supply chain. A supply chain isn't just a build-time check, it's highly dynamic.\n\nEdgeBit watches in real time — we cross-reference your build pipelines here on GitHub and server fleet with multiple data sources to communicate your live inventory and actual risk.","primary_category_id":6,"secondary_category_id":11,"privacy_policy_url":"https://edgebit.io/legal/privacy/","tos_url":"https://edgebit.io/legal/terms/","company_url":"https://edgebit.io","status_url":"https://status.edgebit.io","support_url":"https://edgebit.io/support/","documentation_url":"https://edgebit.io/docs/0.x/","pricing_url":null,"bgcolor":"fff","light_text":false,"learn_more_url":null,"installation_url":null,"how_it_works":null,"hero_card_background_image_id":0,"technical_email":"eugene@edgebit.io","marketing_email":"founders@edgebit.io","finance_email":"rob@edgebit.io","direct_billing_enabled":false,"by_github":false,"security_email":"security@edgebit.io","listable_type":"Integration","listable_id":357519,"copilot_app":false}}}],"total":4,"total_pages":1},"categories":{"apps":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Recently added","slug":"recently-added","description_html":"<p>The latest tools that help you and your team build software better, together.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}],"actions":[{"name":"API management","slug":"api-management","description_html":"<p>Structure your API infrastructure to enable various internet gateways to interact with your service.</p>\n"},{"name":"Backup Utilities","slug":"backup-utilities","description_html":"<p>Utilities providing periodic backups of your GitHub data</p>\n"},{"name":"Chat","slug":"chat","description_html":"<p>Bring GitHub into your conversations.</p>\n"},{"name":"Code quality","slug":"code-quality","description_html":"<p>Automate your code review with style, quality, security, and test‑coverage checks when you need them.</p>\n"},{"name":"Code review","slug":"code-review","description_html":"<p>Ensure your code meets quality standards and ship with confidence.</p>\n"},{"name":"Container CI","slug":"container-ci","description_html":"<p>Continuous integration for container applications.</p>\n"},{"name":"Continuous integration","slug":"continuous-integration","description_html":"<p>Automatically build and test your code as you push it to GitHub, preventing bugs from being deployed to production.</p>\n"},{"name":"Dependency management","slug":"dependency-management","description_html":"<p>Secure and manage your third-party dependencies.</p>\n"},{"name":"Deployment","slug":"deployment","description_html":"<p>Streamline your code deployment so you can focus on your product.</p>\n"},{"name":"Deployment Protection Rules","slug":"deployment-protection-rules","description_html":"<p>Enables custom protection rules to gate deployments with third-party services</p>\n"},{"name":"Game CI","slug":"game-ci","description_html":"<p>Tools for building a CI pipeline for game development</p>\n"},{"name":"GitHub Sponsors","slug":"github-sponsors","description_html":"<p>Tools to manage your <a href=\"https://github.com/sponsors\">GitHub Sponsors</a> community</p>\n"},{"name":"IDEs","slug":"ides","description_html":"<p>Find the right interface to build, debug, and deploy your source code.</p>\n"},{"name":"Learning","slug":"learning","description_html":"<p>Get the skills you need to level up.</p>\n"},{"name":"Localization","slug":"localization","description_html":"<p>Extend your software's reach. Localize and translate continuously from GitHub.</p>\n"},{"name":"Mobile","slug":"mobile","description_html":"<p>Improve your workflow for the small screen.</p>\n"},{"name":"Mobile CI","slug":"mobile-ci","description_html":"<p>Continuous integration for Mobile applications</p>\n"},{"name":"Monitoring","slug":"monitoring","description_html":"<p>Monitor the impact of your code changes. Measure performance, track errors, and analyze your application.</p>\n"},{"name":"Project management","slug":"project-management","description_html":"<p>Organize, manage, and track your project with tools that build on top of issues and pull requests.</p>\n"},{"name":"Publishing","slug":"publishing","description_html":"<p>Get your site ready for production so you can get the word out.</p>\n"},{"name":"Security","slug":"security","description_html":"<p>Find, fix, and prevent security vulnerabilities before they can be exploited.</p>\n"},{"name":"Support","slug":"support","description_html":"<p>Get your team and customers the help they need.</p>\n"},{"name":"Testing","slug":"testing","description_html":"<p>Eliminate bugs and ship with more confidence by adding these tools to your workflow.</p>\n"},{"name":"Utilities","slug":"utilities","description_html":"<p>Auxiliary tools to enhance your experience on GitHub</p>\n"}]}},"title":"Marketplace"}